Back to skill
Skillv1.0.1
VirusTotal security
Python包鸿蒙兼容性测试技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 5:30 AM
- Hash
- ab85e9295b42fd2befe1de5eb684f8e15d5bbf11f4aa15d3b5577cf74c648803
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: python-harmony-compatibility-checker Version: 1.0.1 The skill bundle is classified as suspicious primarily due to the intentional disabling of SSL certificate verification (ssl.CERT_NONE) in scripts/check_compatibility.py when downloading package source code from GitHub and PyPI. While the tool's core functionality—downloading, installing, and executing third-party code via pip and pytest—is inherently high-risk, it is consistent with the stated purpose of a compatibility checker. However, the lack of transport security is a significant vulnerability that exposes the agent to Man-in-the-Middle (MITM) attacks during the download phase.
- External report
- View on VirusTotal